<?php
namespace app\admin\controller;

use app\model\admin;
use think\Request;
use think\Session;
use think\Controller;

class Login extends Controller
{
    //登录
    public function index()
    {
        if (Request::instance()->isAjax()){
            $dao = new \app\model\admin\Login();
            //防止重复提交
            if(!Session::get('login_token')){
                return json(['status'=>9999,'data'=>(object)[],'msg'=>'验证失败!']);
            }
            $name = deletehtml($request = $this->request->post('name'));
            $password = md5(sha1(deletehtml($request = $this->request->post('password'))));
            if(empty($name)||empty($password)){
                return json(['status'=>1000,'data'=>(object)[],'msg'=>'用户名或密码不能为空!']);
            }
            $user_info = $dao->admin_login($name,$password);
            if(!empty($user_info)){
                if($user_info['status']===0){
                    return json(['status'=>10000,'data'=>(object)[],'msg'=>'您的账户被禁止登录!']);
                }else{
                    $data = ['user_id' => $user_info['id'], 'login_time' => time(), 'login_ip'=>getIP()];
                    $dao->admin_login_log($data);  //写入登录日志
                    Session::set('admin_info',$user_info);//写入session
                    return json(['status'=>0,'data'=>(object)[],'msg'=>'ok!']);
                }
            }else{
                return json(['status'=>1001,'data'=>(object)[],'msg'=>'用户名或密码错误!']);
            }
        }
        session(null);
        return $this->fetch('login/index');
    }

    //退出登录
    public function login_out()
    {
        session(null);
        web_jump('/admin/login');
    }
}


